blob: 0fec5121a11be1c74c5a582183d38422531b1405 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
$NetBSD: patch-Lib_test_test__httpservers.py,v 1.1.2.2 2014/07/05 11:21:49 tron Exp $
Add test for fix for directory traversal vulnerability, ref.
http://bugs.python.org/issue21766
--- Lib/test/test_httpservers.py.orig 2014-03-09 08:40:17.000000000 +0000
+++ Lib/test/test_httpservers.py
@@ -464,6 +464,11 @@ class CGIHTTPServerTestCase(BaseTestCase
(res.read(), res.getheader('Content-type'), res.status))
self.assertEqual(os.environ['SERVER_SOFTWARE'], signature)
+ def test_urlquote_decoding_in_cgi_check(self):
+ res = self.request('/cgi-bin%2ffile1.py')
+ self.assertEqual((b'Hello World\n', 'text/html', 200),
+ (res.read(), res.getheader('Content-type'), res.status))
+
class SocketlessRequestHandler(SimpleHTTPRequestHandler):
def __init__(self):
|
